nemo-curator
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow ingests outsider-authored free text when the pipeline loads Common Crawl/parquet inputs (e.g.,
DocumentDataset.read_parquet("common_crawl/*.parquet")), where thetextfield comes from public web pages authored by third parties and is then passed through filters/dedup/PII modules into the LLM context (e.g., via classifier/embedding steps that consume the document text).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata